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- r/)G MAILING DATE of this communication appears on th& cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )M Responsive to communication(s) filed on 19 October 1999 . 
2a)n This action is FINAL. 2bM This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex pa/te Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) 13 Claim(s) 1^ is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) [3 Claim(s) 1-20 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) M The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 19 October 1999 is/are: a)K accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held In abeyance. See 37 CFR 1.85(a). 

11) 0 The proposed drawing correction filed on is: a)n approved b)n disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) n The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)nAII b)n Some*c)n None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 1 9(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 . 
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Art Unit: 2172 

DETAILED ACTION 
Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1, 2, and 5-19 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Murphy (US 6,226,744 B1). 

a. Referring to claim 1: 
i. Murphy teaches: 

(1) a communications network in operative 
communication with said smart card terminal [i.e., Figure 1, a smart card 10 is 
inserted into a smart card reader 12, whicli Is inserted Into a 3.5" floppy disic drive 
of a client terminal, wherein the terminal having a network connection or modem 
connection to WWW 16 ( column 4, line 33-40)]; and 

(2) a central data base server in operative 
communication with said communication network [i.e., client terminal 14 is in 
communication with a secure gateway server 18, a secure server 22, and an 
administrative server 24 via WWW 16 (column 4, line 44-46)], said central database 
server including: 

(a) a plurality of partitioned memory locations [i.e.. 
Figure 2, main memory 24 may be any type of machine readable storage device, 
such as RAM, ROM, PROM, and EEPROM (column 5, line 8-13)], wherein 

(b) at least one of said memory locations contains 
information associated with said smart card [i.e., secure gateway server 18 includes 
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a main memory module, performing read and write Information to smart card, 
(column 6, line 18-19)], 

(c) said information being accessible by said smart 
card terminal via data pointers contained within said smart card [i.e., information from 
the card is accessed using the program and a PIN, and is compared with server 
information (column 4, line 23-25)]. 

b. Referring to claim 2 which depends on claim 1: 
i. Murphy further teaches: 

(1) a central time/data authority in operative 
communication with said communications network [i.e.. Figure 2, an authentication 
module resides within the secure gateway server which is in communication with 
network via WWW 16 (column 4, line 44-46 and line 60)], 

(a) said central time/data authority providing a time 
verification associated with said information transmitted between said central database 
server and said smart card terminal [I.e., authentication information was stored in 
database 26 by the same CA (Certified Authority) that issued smart card 10 to 
user (column 6, line 34-37). Any type of user data can be used and still fall within 
the scope of the invention (column 14, line 65-66)]. 

c. Referring to claim 5 which depends on claim 1: 
i. Murphy further teaches: 

(1) communications network includes the Internet [i.e., 
such networks are the Internet (column 1, line 60-61)]. 

d. Referring to claim 6 which depends on claim 1: 
i. Murphy further teaches: 

(1) central database server comprises a network smart 
card server and a plurality of interconnected database servers [i.e.. Figure 1, servers 
18, 20, 22, and 24 (column 4, line 47-48)]. 

e. Referring to claims 7and 8: 

i. Murphy further teaches: 
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(1) at least one of said plurality of partitioned memory 
locations includes a restricted data portion containing information accessible to a first 
predetermined group of network users [I.e., whenever a user desires to access 
restricted information stored at various servers protected by secure gateway 
server 18, tlie user only has to be authenticated once, then accesses a server 
having restricted Information (column 6, line 58-63)], and 

(2) a public data portion containing information 
accessible to a second predetermined group of network users [i.e., a user was not 
limited to the information stored on their own computer, but could gain access to 
information stored on hundreds, even thousands, of individual computers linked 
together by a single network (column 1, line 57-60)]. 

f. Referring to claim 9 which depends on claim 7: 
i. Murphy further teaches: 

(1) each of said plurality of partitioned memory locations 
supports a different smart card application [i.e., such as tickets, certificates, 
public/private key, and so forth (column 7, line 28-29)]. 

g. Referring to claim 10: 

i. Murphy teaches: 

(1) providing at least one smart card terminal for 
connection with a smart card [I.e., Figure 1, a smart card 10 is Inserted into a smart 
card reader 12, which is inserted into a 3.5" floppy disk drive of a client terminal 
(column 4, line 33-37)]; 

(2) selecting a desired application for said smart card 
transaction [i.e., the specific data being stored and retrieved from the smart card in 
this example of a smart card interface module is in the form a user's social 
security number (SSN) (column 7, line 22-25)]; 

(3) transmitting through a communications network at 
least an authorization code associated with said smart card to a network smart card 
server [i.e., information from the card is accessed using the program and a PIN or 
an access code, and is compared with server information (column 4, line 23-25)], 
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(4) said network smart card server including a plurality of 
partitioned memory locations [i.e., Figure 2, main memory 24 may be any type of 
machine readable storage device, such as RAIVI, ROM, PROM, and EEPROM 
(column 5, line 8-13)], 

(5) said authorization code providing a data pointer 
pointing to information contained in at least one of said plurality of partitioned memory 
location [i.e., authentication information was stored in database 26 by the same 
CA (Certified Authority), such as tokens, digital signatures, certificates, etc., that 
issued smart card 10 to user ( column 5, line 54-57 and column 6, line 34-37)]; and 

(6) transmitting said information through said 
communications network to said smart card terminal [i.e., authentication module 32 
uses the smart card interface module and the PIN to access and read/write user 
information from/to smart card 10 via WWW 16 (column 6, line 29-32)]. 

h. Referring to claim 11 which depends on claim 10: 
i. Murphy further teaches: 

(1 ) modifying said information at said smart card terminal, 
re-transmitting said modified information to said network smart card server, and storing 
said modified information in said at least one of said plurality of partitioned memory 
locations [I.e., Figure 1, a situation may arise where a user may want to 
access/change user information on smart card, the administrative module allows 
a user to verify and change a PIN. Any user modifications made at administrative 
server 24 are replicated to user's authentication profile stored in database 26 
(column 7, line 5-10)]. 

i. Referring to claim 12 which depends on claim 10: 

i. This claim has limitations that is similar to those of claim 2, 
thus it is rejected with the same rationale applied against claim 2 above. 

j. Referring to claim 13 which depends on claim 10: 

\. This claim has limitations that is similar to those of claim 1 1 , 
thus it is rejected with the same rationale applied against claim 1 1 above, 
k. Referring to claim 14: 
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i. Murphy teaches: 

(1) a first plurality of partitioned memory locations [i.e., 
read only memory (ROM) (column 5, line 9-10)]; 

(2) a second plurality of partitioned memory locations 
[i.e., random access memory (RAM) (column 5, line 8)]; and 

(3) a microprocessor programmed to received an 
authorization code representing a data pointer for pointing to information contained 
within a memory location within said first or second plurality of partitioned memory 
locations [i.e., Figure 2, the overall functioning of secure gateway server is 
controlled by a central processing unit (CPU) 26, which operates under the 
control of executed computer program instructions that are stored in main 
memory (column 4, line 66-67 and column 5, line 1-2). Bus adapter 30 is used for 
transferring data back and forth between CPU/memory bus and I/O bus (column 
5, line 37-38)]. 

I. Referring to claim 15 which depends on claim 14: 
1. Murphy further teaches: 

(1) first plurality of partitioned memory locations 
represents public data associated with said smart card transaction [i.e., a user was not 
limited to the information stored on their own computer, but could gain access to 
information stored on hundreds, even thousands, of individual computers linked 
together by a single network (column 1, line 57-60)]. 

m. Referring to claim 16 which depends on claim 15: 
i. Murphy further teaches: 

(1) second plurality of partitioned memory locations 
represents restricted data associated with said smart card transaction [i.e., whenever a 
user desires to access restricted information stored at various servers protected 
by secure gateway server 18, the user only has to be authenticated once, then 
accesses a server having restricted information (column 6, line 58-63)]. 
n. Referring to claim 17 which depends on claim 14: 
i. Murphy further teaches: 
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(1) first and second plurality of partitioned memory 
locations contain information corresponding to a smart card application [i.e., secure 
gateway server 18 includes a main memory module (such as RAM, ROM, PROM, 
EPROM, EEPROM), performing read and write information to smart card, (column 
6, line 18-19)], 

0. Referring to claim 18 which depends on claim 14: 
i . Murphy further teaches: 

(1) one of said first plurality of partitioned memory 
locations is located on a separate database server accessible through a communication 
network [i.e., Figure 1, Secure gateway server 18 Is In communication with WWW 
16, whereas database 26 could be stored on server 18 as well (column 4, line 54)]. 
p. Referring to claim 19 which depends on claim 18: 

i. This claim has limitations that is similar to those of claim 5, 
thus it is rejected with the same rationale applied against claim 5 above. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 3 and 4 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Murphy, and further in view of Barlow (US 6, 038, 551 ). 

k. Referring to claims 3 and 4 which depend on claim 1: 

i. Murphy teaches the claimed subject matter except for: 

(1) communications network is part of a public-switched 

telephone network. 

(2) communications network communicates with smart 
card terminal via the plain old telephone system (POTS). 

ii. However, Barlow teaches: 
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(1) Figure 1, the network 22 can also be innplemented as 
a telephone network, or an Interactive television network, or any other form for linking 
the computer 12 to an external source of Information (column 7, line 24-28). 

ill. It would have been obvious to a person having ordinary skill 
in the art at the time the invention was made to: 

(1) include such telephone network or any other form of 
network connection (such as Figure 1, WWW 16 of Murphy) providing the electronic 
transactions a wide range of choices over the network connection as in Barlow (column 
7, line 18-28). 

vi. The ordinary skilled person would have been motivated to: 
(1 ) add additional telephone network or any other form of 
network connection (such as Figure 1, WWW 16 of Murphy) because it is a common 
practice in the art to include a wide range of choices over the network communications 
with secure electronic transactions in multiple different environment (column 4, line 60- 
62 of Barlow). 

b. Referring to claim 20 which depends on claim 18: 

i. This claim has limitations that is similar to those of claim 3, 
thus it is rejected with the same rationale applied against claim 3 above. 

Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Carper et al (US 6, 480, 935 B1) discloses a system and method 
for memory management in a smart card in which a single device by which memory in 
the smart card is allocated and deallocated (see abstract). 

b. Husemann et al (US 6, 192, 349 81) discloses a smart card is used 
to store an electronic tickets provided from the service provider's computer system to 
the customer's computer over an insecure communications line (see abstract). 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Thanhnga (Tanya) Truong whose telephone number 
is 703-305-0327. 
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If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached on 703-305-4393. The fax phone 
number for the organization where this application or proceeding is assigned is (703) 
872-9306. 



or proceeding should be directed to the receptionist whose telephone number is 703- 
305-3900. 



TBT 

August 26, 2003 



Any inquiry of a general nature or relating to the status of this application 




